Search Results

Search found 6090 results on 244 pages for 'digest authentication'.

Page 108/244 | < Previous Page | 104 105 106 107 108 109 110 111 112 113 114 115 | Next Page >

What would be a better implementation of shared variable among subclass

- by Churk

So currently I have a spring unit testing application. And it requires me to get a session cookie from a foreign authentication source. Problem what that is, this authentication process is fairly expensive and time consuming, and I am trying to create a structure where I am authenticate once, by any subclass, and any subsequent subclass is created, it will reuse this session cookie without hitting the authentication process again. My problem right now is, the static cookie is null each time another subclass is created. And I been reading that using static as a global variable is a bad idea, but I couldn't think of another way to do this because of Spring framework setting things during run time and how I would set the cookie so that all other classes can use it. Another piece of information. The variable is being use, but is change able during run time. It is not a single user being signed in and used across the board. But more like a Sub1 would call login, and we have a cookie. Then multiple test will be using that login until SubX will come in and say, I am using different credential, so I need to login as something else. And repeats. Here is a outline of my code: public class Parent implements InitializingBean { protected static String BASE_URL; public static Cookie cookie; ... All default InitializingBean methods ... afterPropertiesSet() { cookie = // login process returns a cookie } } public class Sub1 extends Parent { @resource public String baseURL; @PostConstruct public void init() { // set parents with my baseURL; BASE_URL = baseURL; } public void doSomething() { // Do something with cookie, because it should have been set by parent class } } public class Sub2 extends Parent { @resource public String baseURL; @PostConstruct public void init() { // set parents with my baseURL; BASE_URL = baseURL; } public void doSomethingElse() { // Do something with cookie, because it should have been set by parent class } }

Read the article
Programmatically setup a PEAP connection in Windows Mobile

- by tomlog

I have been working on this for a few days and this is doing my head in: Our application is built using the .NET Compact Framework 2.0 and running on Windows Mobile 5 & 6 devices. We can set the WLAN connection of the device programmatically using the Wireless Zero Config functions (described here: msdn.microsoft.com/en-us/library/ms894771.aspx), most notably the WZCSetInterface function which we pinvoke from our application. This works fine for WEP and WPA-PSK connections. In a recent effort to add support for WPA2 networks we decided to modify the code. We have successfully added support for WPA2 which uses a certificate for the 802.1x authentication by setting the correct registry settings before calling WZCSetInterface. Now we want to do the same for WPA2 using PEAP (MS-CHAPv2) authentication. When manually creating such a connection in Windows Mobile the user will be prompted to enter the domain/user/password details. In our application we will have those details stored locally and want to do this all programmatically without any user intervention. So I thought going along the same route as the certificate authentication, setting the correct registry entries before calling WZCSetInterface. The registry settings we set are: \HKCU\Comm\EAP\Config\[ssid name] Enable8021x = 1 (DWORD) LastAuthSuccessful = 1 (DWORD) EapTypeId = 25 (DWORD) Identity = "domain\username" (string) Password = binary blob containing the password that is encrypted using the CryptProtectData function (described here: msdn.microsoft.com/en-us/library/ms938309.aspx) But when these settings are set and I call WZCSetInterface with the correct parameters, it still prompts me with the User Logon dialog asking for the domain/username/password. Has anyone got an idea what I need to do to prevent the password dialog from appearing and connect straight away with the settings stored in the registry?

Read the article
using action helpers in Zend Framework 1.8

- by Nasser

Hi am starting off with Zend Framework and have a question about action helpers. My first application is a simple authentication system (following a tutorial from a book). The registration and authentication seems to work fine but the redirect doesn't. I have a customer controller that has this among others: class CustomerController extends Zend_Controller_Action { // some code here...... public function authenticateAction() { $request = $this->getRequest(); if (!$request->isPost()) { return $this->_helper->redirector('login'); } // Validate $form = $this->_forms['login']; if (!$form->isValid($request->getPost())) { return $this->render('login'); } if (false === $this->_authService->authenticate($form->getValues())) { $form->setDescription('Login failed, please try again.'); return $this->render('login'); } return $this->_helper->redirector('index'); } the authenticate url is http://localhost/customer/authenticate and this seems to work fine but it does not redirect. After authentication I get a blank page which looks like its taking me to the index and just sits there. I tried using '/index' instead but that did not help either. Do I need to do anything special to make the redirector helper work? I have a logout action which behaves the same.

Read the article
Having trouble Getting "RTSP over HTTP"

- by Muhammad Adeel Zahid

There is an axis camera that is connected to our site (camba.tv) through axis one click connection component (which acts as proxy). We can communicate with this camera only through http by setting the proxy to our OCCC server's address. If we want to get RTSP streams (h.264) we are only left with "RTSP over HTTP" option. For this I have followed axis VAPIX 3 documentation section 3.3. I issue requests through fiddler but don't get any response. But when i put the URL (axrtsphttp://1.00408CBEA38B/axis-media/media.amp) in windows media player (with proxy set to OCCC server 212.78.237.156:3128) the player is able to get RTSP stream over HTTP after logging in. I have created a request trace of communication between camera and windows media player through wireshark and the request that brings the stream looks like http://1.00408cbea38b/axis-media/media.amp HTTP/1.1 x-sessioncookie: 619 User-Agent: Axis AMC Host: 1.00408CBEA38B Proxy-Connection: Keep-Alive Pragma: no-cache Authorization: Digest username="root",realm="AXIS_00408CBEA38B",nonce="000a8b40Y0100409c13ac7e6cceb069289041d8feb1691",uri="/axis-media/media.amp",cnonce="9946e2582bd590418c9b70e1b17956c7",nc=00000001,response="f3cab86fc84bfe33719675848e7fdc0a",qop="auth" HTTP/1.0 200 OK Content-Type: application/x-rtsp-tunnelled Date: Tue, 02 Nov 2010 11:45:23 GMT RTSP/1.0 200 OK CSeq: 1 Content-Type: application/sdp Content-Base: rtsp://1.00408CBEA38B/axis-media/media.amp/ Date: Tue, 02 Nov 2010 11:45:23 GMT Content-Length: 410 v=0 o=- 1288698323798001 1288698323798001 IN IP4 1.00408CBEA38B s=Media Presentation e=NONE c=IN IP4 0.0.0.0 b=AS:50000 t=0 0 a=control:* a=range:npt=0.000000- m=video 0 RTP/AVP 96 b=AS:50000 a=framerate:30.0 a=transform:1,0,0;0,1,0;0,0,1 a=control:trackID=1 a=rtpmap:96 H264/90000 a=fmtp:96 packetization-mode=1; profile-level-id=420029; sprop-parameter-sets=Z0IAKeNQFAe2AtwEBAaQeJEV,aM48gA== RTSP/1.0 200 OK CSeq: 2 Session: 3F4763D8; timeout=60 Transport: RTP/AVP/TCP;unicast;interleaved=0-1;ssrc=060922C6;mode="PLAY" Date: Tue, 02 Nov 2010 11:45:24 GMT RTSP/1.0 200 OK CSeq: 3 Session: 3F4763D8 Range: npt=0- RTP-Info: url=rtsp://1.00408CBEA38B/axis-media/media.amp/trackID=1;seq=7392;rtptime=4190934902 Date: Tue, 02 Nov 2010 11:45:24 GMT [Binary Stream Content] But when i copy this request to fiddler, I only get 200 status code with content-type set to application/x-rtsp-tunneled and there is no stream data. The only thing i do different with stream is to use Basic in authorization header instead of Digest and I do not get 401 (Un authorized) status code. Can anyone explain what's happening here? How can I write request sequences to get stream in fiddler? If it is needed, I can upload the wireshark request dump somewhere.

Read the article
Unable to install rubygems in ubuntu 10.04

- by loganathan

I had installed the ruby 1.8.7 with patch level 253 successfully on my ubuntu 10.04, but while installing ruby gems I am facing the below error, can anybody help me on this. ruby -v ruby 1.8.7 (2010-04-19 patchlevel 253) [i686-linux], MBARI 0x8770, Ruby Enterprise Edition 2010.02 gem install mongrel *** longjmp causes uninitialized stack frame ***: /usr/bin/ruby terminated ======= Backtrace: ========= /lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x50)[0x3612d0] /lib/tls/i686/cmov/libc.so.6(+0xe223a)[0x36123a] /usr/bin/ruby[0x80577b9] /usr/bin/ruby[0x80577d5] /usr/bin/ruby(rb_thread_schedule+0x9fc)[0x80652ac] /usr/bin/ruby(rb_thread_kill+0x14)[0x8066c74] /usr/bin/ruby[0x806071d] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806a869] /usr/bin/ruby[0x806a290] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806a869] /usr/bin/ruby[0x806995b] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806aaa5] /usr/bin/ruby[0x8069d54] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x805df2d] /usr/bin/ruby[0x8069581] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x806a0eb] /usr/bin/ruby[0x805e630] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806aaa5] /usr/bin/ruby[0x806a715] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806a869] /usr/bin/ruby[0x805e48b] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806aaa5] /usr/bin/ruby[0x805e58a] /usr/bin/ruby[0x805e4aa] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806a869] /usr/bin/ruby[0x805e48b] /usr/bin/ruby[0x80693f1] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x806a0eb] /usr/bin/ruby[0x805e630] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806a869] /usr/bin/ruby[0x805e48b] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x806a0eb] /usr/bin/ruby[0x805e630] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x8060601] /usr/bin/ruby[0x80608b9] /usr/bin/ruby[0x806aaa5] /usr/bin/ruby[0x805e48b] /usr/bin/ruby[0x805de52] /usr/bin/ruby[0x8060601] ======= Memory map: ======== 00110000-00112000 r-xp 00000000 08:06 3805677 /usr/lib/ruby/1.8/i686-linux/etc.so 00112000-00113000 r--p 00001000 08:06 3805677 /usr/lib/ruby/1.8/i686-linux/etc.so 00113000-00114000 rw-p 00002000 08:06 3805677 /usr/lib/ruby/1.8/i686-linux/etc.so 00114000-0012e000 r-xp 00000000 08:06 3805682 /usr/lib/ruby/1.8/i686-linux/syck.so 0012e000-0012f000 r--p 00019000 08:06 3805682 /usr/lib/ruby/1.8/i686-linux/syck.so 0012f000-00130000 rw-p 0001a000 08:06 3805682 /usr/lib/ruby/1.8/i686-linux/syck.so 00130000-00131000 r-xp 00000000 08:06 3805666 /usr/lib/ruby/1.8/i686-linux/fcntl.so 00131000-00132000 r--p 00000000 08:06 3805666 /usr/lib/ruby/1.8/i686-linux/fcntl.so 00132000-00133000 rw-p 00001000 08:06 3805666 /usr/lib/ruby/1.8/i686-linux/fcntl.so 00133000-00150000 r-xp 00000000 08:06 11403438 /lib/libgcc_s.so.1 00150000-00151000 r--p 0001c000 08:06 11403438 /lib/libgcc_s.so.1 00151000-00152000 rw-p 0001d000 08:06 11403438 /lib/libgcc_s.so.1 001e2000-00206000 r-xp 00000000 08:06 11403697 /lib/tls/i686/cmov/libm-2.11.1.so 00206000-00207000 r--p 00023000 08:06 11403697 /lib/tls/i686/cmov/libm-2.11.1.so 00207000-00208000 rw-p 00024000 08:06 11403697 /lib/tls/i686/cmov/libm-2.11.1.so 0024d000-00256000 r-xp 00000000 08:06 11403688 /lib/tls/i686/cmov/libcrypt-2.11.1.so 00256000-00257000 r--p 00008000 08:06 11403688 /lib/tls/i686/cmov/libcrypt-2.11.1.so 00257000-00258000 rw-p 00009000 08:06 11403688 /lib/tls/i686/cmov/libcrypt-2.11.1.so 00258000-0027f000 rw-p 00000000 00:00 0 0027f000-003d2000 r-xp 00000000 08:06 11403695 /lib/tls/i686/cmov/libc-2.11.1.so 003d2000-003d4000 r--p 00153000 08:06 11403695 /lib/tls/i686/cmov/libc-2.11.1.so 003d4000-003d5000 rw-p 00155000 08:06 11403695 /lib/tls/i686/cmov/libc-2.11.1.so 003d5000-003d8000 rw-p 00000000 00:00 0 0047e000-00488000 r-xp 00000000 08:06 3805680 /usr/lib/ruby/1.8/i686-linux/socket.so 00488000-00489000 r--p 00009000 08:06 3805680 /usr/lib/ruby/1.8/i686-linux/socket.so 00489000-0048a000 rw-p 0000a000 08:06 3805680 /usr/lib/ruby/1.8/i686-linux/socket.so 004f2000-00507000 r-xp 00000000 08:06 11403690 /lib/tls/i686/cmov/libpthread-2.11.1.so 00507000-00508000 r--p 00014000 08:06 11403690 /lib/tls/i686/cmov/libpthread-2.11.1.so 00508000-00509000 rw-p 00015000 08:06 11403690 /lib/tls/i686/cmov/libpthread-2.11.1.so 00509000-0050b000 rw-p 00000000 00:00 0 00524000-00525000 r-xp 00000000 00:00 0 [vdso] 00544000-00557000 r-xp 00000000 08:06 11403553 /lib/libz.so.1.2.3.3 00557000-00558000 r--p 00012000 08:06 11403553 /lib/libz.so.1.2.3.3 00558000-00559000 rw-p 00013000 08:06 11403553 /lib/libz.so.1.2.3.3 00639000-0063c000 r-xp 00000000 08:06 3805679 /usr/lib/ruby/1.8/i686-linux/thread.so 0063c000-0063d000 r--p 00002000 08:06 3805679 /usr/lib/ruby/1.8/i686-linux/thread.so 0063d000-0063e000 rw-p 00003000 08:06 3805679 /usr/lib/ruby/1.8/i686-linux/thread.so 00649000-0064d000 r-xp 00000000 08:06 11403714 /lib/tls/i686/cmov/libnss_dns-2.11.1.so 0064d000-0064e000 r--p 00004000 08:06 11403714 /lib/tls/i686/cmov/libnss_dns-2.11.1.so 0064e000-0064f000 rw-p 00005000 08:06 11403714 /lib/tls/i686/cmov/libnss_dns-2.11.1.so 00663000-006a3000 r-xp 00000000 08:06 4329500 /usr/lib/ruby/site_ruby/1.8/i686-linux/openssl.so 006a3000-006a4000 r--p 0003f000 08:06 4329500 /usr/lib/ruby/site_ruby/1.8/i686-linux/openssl.so 006a4000-006a5000 rw-p 00040000 08:06 4329500 /usr/lib/ruby/site_ruby/1.8/i686-linux/openssl.so 006a5000-006a6000 rw-p 00000000 00:00 0 0070d000-0070f000 r-xp 00000000 08:06 11403689 /lib/tls/i686/cmov/libdl-2.11.1.so 0070f000-00710000 r--p 00001000 08:06 11403689 /lib/tls/i686/cmov/libdl-2.11.1.so 00710000-00711000 rw-p 00002000 08:06 11403689 /lib/tls/i686/cmov/libdl-2.11.1.so 00711000-0084b000 r-xp 00000000 08:06 11403909 /lib/libcrypto.so.0.9.8 0084b000-00853000 r--p 00139000 08:06 11403909 /lib/libcrypto.so.0.9.8 00853000-00861000 rw-p 00141000 08:06 11403909 /lib/libcrypto.so.0.9.8 00861000-00864000 rw-p 00000000 00:00 0 00864000-00865000 ---p 00000000 00:00 0 00865000-00966000 rwxp 00000000 00:00 0 00977000-00979000 r-xp 00000000 08:06 11403476 /lib/libnss_mdns4_minimal.so.2 00979000-0097a000 r--p 00001000 08:06 11403476 /lib/libnss_mdns4_minimal.so.2 0097a000-0097b000 rw-p 00002000 08:06 11403476 /lib/libnss_mdns4_minimal.so.2 009fa000-00a04000 r-xp 00000000 08:06 11403691 /lib/tls/i686/cmov/libnss_files-2.11.1.so 00a04000-00a05000 r--p 00009000 08:06 11403691 /lib/tls/i686/cmov/libnss_files-2.11.1.so 00a05000-00a06000 rw-p 0000a000 08:06 11403691 /lib/tls/i686/cmov/libnss_files-2.11.1.so 00ac0000-00ac4000 r-xp 00000000 08:06 3805670 /usr/lib/ruby/1.8/i686-linux/stringio.so 00ac4000-00ac5000 r--p 00003000 08:06 3805670 /usr/lib/ruby/1.8/i686-linux/stringio.so 00ac5000-00ac6000 rw-p 00004000 08:06 3805670 /usr/lib/ruby/1.8/i686-linux/stringio.so 00af3000-00b0e000 r-xp 00000000 08:06 11403607 /lib/ld-2.11.1.so 00b0e000-00b0f000 r--p 0001a000 08:06 11403607 /lib/ld-2.11.1.so 00b0f000-00b10000 rw-p 0001b000 08:06 11403607 /lib/ld-2.11.1.so 00c35000-00c45000 r-xp 00000000 08:06 11403692 /lib/tls/i686/cmov/libresolv-2.11.1.so 00c45000-00c46000 r--p 00010000 08:06 11403692 /lib/tls/i686/cmov/libresolv-2.11.1.so 00c46000-00c47000 rw-p 00011000 08:06 11403692 /lib/tls/i686/cmov/libresolv-2.11.1.so 00c47000-00c49000 rw-p 00000000 00:00 0 00d51000-00d59000 r-xp 00000000 08:06 4329502 /usr/lib/ruby/site_ruby/1.8/i686-linux/zlib.so 00d59000-00d5a000 r--p 00007000 08:06 4329502 /usr/lib/ruby/site_ruby/1.8/i686-linux/zlib.so 00d5a000-00d5b000 rw-p 00008000 08:06 4329502 /usr/lib/ruby/site_ruby/1.8/i686-linux/zlib.so 00d60000-00d61000 r-xp 00000000 08:06 3805664 /usr/lib/ruby/1.8/i686-linux/rational.so 00d61000-00d62000 r--p 00000000 08:06 3805664 /usr/lib/ruby/1.8/i686-linux/rational.so 00d62000-00d63000 rw-p 00001000 08:06 3805664 /usr/lib/ruby/1.8/i686-linux/rational.so 00de6000-00de9000 r-xp 00000000 08:06 3805691 /usr/lib/ruby/1.8/i686-linux/digest.so 00de9000-00dea000 r--p 00002000 08:06 3805691 /usr/lib/ruby/1.8/i686-linux/digest.so 00dea000-00deb000 rw-p 00003000 08:06 3805691 /usr/lib/ruby/1.8/i686-linux/digest.so 00e63000-00e6a000 r-xp 00000000 08:06 11403700 /lib/tls/i686/cmov/librt-2.11.1.so 00e6a000-00e6b000 r--p 00006000 08:06 11403700 /lib/tls/i686/cmov/librt-2.11.1.so 00e6b000-00e6c000 rw-p 00007000 08:06 11403700 /lib/tls/i686/cmov/librt-2.11.1.so 00f70000-00fb4000 r-xp 00000000 08:06 11403907 /lib/libssl.so.0.9.8Aborted

Read the article
Lock ups, crashing, transferring files using TrueCrypt with iSCSI

- by Anthony

I have looked into this error and it seems that it hasn't been discussed yet - or at least I can't find any information relating. I'm having issues transferring files, usually larger files over a couple of hundred MB. Here is the setup: QNAP 410 as iSCSI Target with multiple LUNs. (CRC is turned on (Data Digest and Header Digest) Server 2003 with iSCSI Initiator version 2.08 - build 3825 (I'm copying files from anothe machine to shares on Server 2003 = into TrueCrypt volume ergo onto the NAS) I have mounted the LUN and formatted it with TrueCrypt using NTFS (Full format, not a quick one). What happens is some files, mainly RAR/Compressed files, appear as if they copy but fail. I've tested this in a number of ways and can repeat the process every time. So I thought to check transfer over iSCSI without TrueCrypt in between, a plain NTFS format - no problem at all. So it would seem TrueCrypt is at least part of the problem here. I haven't tried copying directly from the server yet, I will try that. I also haven't tried it without CRC but fail to see how that would affect this. I will update with my findings later. In the meantime does anyone have any ideas as to what could be wrong? Thanks for your time. Update: I copied a set of files, the ones I was having issues with, to the server then from there I copied those into two places within the TrueCrypt volume (Mounted on the NAS). A seperate directory create in the root of the volume The same initial directory I was using in the first instance Both worked fine. So it now seems clear that this is a link between TrueCrypt, iSCSI and Windows Shares. I say this because I originally setup the whole system using TrueCrypt volume files, not iSCSI. I changed it as it didn't suit my requirements - day wasted as well. While I had this setup though I copied my entire file set to the volume files and all files copied without error - over the network, from a pc, to the server where TrueCrypt had the volume files mounted from the NAS. I didn't bother turning off CRC on the iSCSI system as I highly doubt that is the cause in light of this finding. So any ideas?

Read the article
Availability of downloadable DNSBL dumps?

- by mtah

I need to cross-reference data involving a large number of IP addresses against known public proxies, spam-listed IPs etc. For obvious performance and network load reasons, obtaining a regularly updated dump for off-line processing would be preferrable. I currently use http://www.dnsbl.manitu.net/download/nixspam-ip.dump.gz - a digest of ix.dnsbl.manitu.net with 40,000 entries updated every 15 minutes. I'd like something more substantial though, so my question is: does such a thing exist?

Read the article
How do I modify a RSS feed to combine items

- by biozinc

I've got a feed with over 30 item per day, but all I'm really looking for is a daily (or semi-daily) digest. This way, I'll only get 1-2 items a day. The site itself doesn't offer such a feed. What's the easiest way to achieve this?

Read the article
Curl_errno=55, "Failed sending network data."

- by 4dplane

Hi all: I have a php script that updates a database via an api. This script works on one server but not on another. Both servers have curl enabled and they have php 5.2.6 or above. The error happens in the do_put() method. The rest of the script seems to be fine. I have found that: curl_errno= 55 = "Failed sending network data". curl_error= select/poll returned error <?php //phpinfo(); require_once "class.DelveAuthUtil.php"; $access_key = ""; $secret = "W"; $org_id = ""; $media_id = ""; $new_tag_name = "uvideo"; $assign_tag_to_media_url = "http://api..com/rest/organizations/$org_id/media/$media_id/properties/tags/$new_tag_name"; $signed_create_new_tag_url = DAU::authenticate_request("PUT", $assign_tag_to_media_url, $access_key, $secret); # perform the creation of the new custom property $put_response = do_put($signed_create_new_tag_url); # Execute the POST function do_post($url, $params=array()) { # Combine parameters $param_string = ""; foreach ($params as $key => $value) { $value = urlencode($value); $param_string = $param_string . "&$key=$value"; } // Get the curl session object $session = curl_init($url); // Set the POST options. curl_setopt ($session, CURLOPT_POST, true); curl_setopt ($session, CURLOPT_POSTFIELDS, $param_string); curl_setopt($session, CURLOPT_HEADER, false); curl_setopt($session, CURLOPT_RETURNTRANSFER, true); // Do the POST and then close the session $response = curl_exec($session); curl_close($session); return $response; } # Execute the PUT function do_put($url) { // Get the curl session object $session = curl_init($url); print(" session= " . $session . " "); // Set the PUT options. print ("opt0= " . curl_setopt($session, CURLOPT_VERBOSE, TRUE) . " "); print ("opt1= " . curl_setopt ($session, CURLOPT_PUT, true) . " "); print ("opt2= " . curl_setopt ($session, CURLOPT_HEADER, false) . " "); print ("opt3= " . curl_setopt ($session, CURLOPT_RETURNTRANSFER, true) . " "); // Do the PUT and then close the session $response = curl_exec($session); if (curl_errno($session)) { print ( "curl_errno= " . curl_errno($session). " "); print( "curl_error= " . curl_error($session) . " "); } else { curl_close($session); } } I have small lead in the Apache log - there is an SSL issue that I do not know how to resolve. [Thu Mar 25 15:57:58 2010] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!! [Thu Mar 25 15:57:58 2010] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations [Thu Mar 25 15:58:59 2010] [notice] caught SIGTERM, shutting down [Thu Mar 25 15:58:59 2010] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Thu Mar 25 15:58:59 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Thu Mar 25 15:58:59 2010] [warn] RSA server certificate CommonName (CN) `yourvps.a2hosting.com' does NOT match server name!? [Thu Mar 25 15:58:59 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Thu Mar 25 15:58:59 2010] [warn] RSA server certificate CommonName (CN) `yourvps.a2hosting.com' does NOT match server name!? [Thu Mar 25 15:58:59 2010] [warn] Init: SSL server IP/port conflict: my1.com:443 (/home/httpd/my.com/conf/kloxo.my1.com:69) vs. elggtest.my1.com:443 (/home/httpd/elggtest.my1.com/conf/kloxo.elggtest.my1.com:71) [Thu Mar 25 15:58:59 2010] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!! [Thu Mar 25 15:58:59 2010] [notice] Digest: generating secret for digest authentication ... [Thu Mar 25 15:58:59 2010] [notice] Digest: done [Thu Mar 25 15:59:00 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Thu Mar 25 15:59:00 2010] [warn] RSA server certificate CommonName (CN) `yourvps.a2hosting.com' does NOT match server name!? [Thu Mar 25 15:59:00 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Thu Mar 25 15:59:00 2010] [warn] RSA server certificate CommonName (CN) `yourvps.a2hosting.com' does NOT match server name!? [Thu Mar 25 15:59:00 2010] [warn] Init: SSL server IP/port conflict: my1.com:443 (/home/httpd/my1.com/conf/kloxo.my1.com:69) vs. elggtest.my1.com:443 (/home/httpd/elggtest.my1.com/conf/kloxo.elggtest.my1.com:71) [Thu Mar 25 15:59:00 2010] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!! [Thu Mar 25 15:59:00 2010] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations[/PHP] Any help would be great! Thanks, 4dplane

Read the article
Issue accessing remote Infinispan mbeans

- by user1960172

I am able to access the Mbeans by local Jconsole but not able to access the MBEANS from a remote Host. My COnfiguration: <?xml version='1.0' encoding='UTF-8'?> <server xmlns="urn:jboss:domain:1.4"> <extensions> <extension module="org.infinispan.server.endpoint"/> <extension module="org.jboss.as.clustering.infinispan"/> <extension module="org.jboss.as.clustering.jgroups"/> <extension module="org.jboss.as.connector"/> <extension module="org.jboss.as.jdr"/> <extension module="org.jboss.as.jmx"/> <extension module="org.jboss.as.logging"/> <extension module="org.jboss.as.modcluster"/> <extension module="org.jboss.as.naming"/> <extension module="org.jboss.as.remoting"/> <extension module="org.jboss.as.security"/> <extension module="org.jboss.as.threads"/> <extension module="org.jboss.as.transactions"/> <extension module="org.jboss.as.web"/> </extensions> <management> <security-realms> <security-realm name="ManagementRealm"> <authentication> <local default-user="$local"/> <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/> </authentication> </security-realm> <security-realm name="ApplicationRealm"> <authentication> <local default-user="$local" allowed-users="*"/> <properties path="application-users.properties" relative-to="jboss.server.config.dir"/> </authentication> </security-realm> </security-realms> <management-interfaces> <native-interface security-realm="ManagementRealm"> <socket-binding native="management-native"/> </native-interface> <http-interface security-realm="ManagementRealm"> <socket-binding http="management-http"/> </http-interface> </management-interfaces> </management> <profile> <subsystem xmlns="urn:jboss:domain:logging:1.2"> <console-handler name="CONSOLE"> <level name="INFO"/> <formatter> <pattern-formatter pattern="%K{level}%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%E%n"/> </formatter> </console-handler> <periodic-rotating-file-handler name="FILE" autoflush="true"> <formatter> <pattern-formatter pattern="%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%E%n"/> </formatter> <file relative-to="jboss.server.log.dir" path="server.log"/> <suffix value=".yyyy-MM-dd"/> <append value="true"/> </periodic-rotating-file-handler> <logger category="com.arjuna"> <level name="WARN"/> </logger> <logger category="org.apache.tomcat.util.modeler"> <level name="WARN"/> </logger> <logger category="org.jboss.as.config"> <level name="DEBUG"/> </logger> <logger category="sun.rmi"> <level name="WARN"/> </logger> <logger category="jacorb"> <level name="WARN"/> </logger> <logger category="jacorb.config"> <level name="ERROR"/> </logger> <root-logger> <level name="INFO"/> <handlers> <handler name="CONSOLE"/> <handler name="FILE"/> </handlers> </root-logger> </subsystem> <subsystem xmlns="urn:infinispan:server:endpoint:6.0"> <hotrod-connector socket-binding="hotrod" cache-container="clustered"> <topology-state-transfer lazy-retrieval="false" lock-timeout="1000" replication-timeout="5000"/> </hotrod-connector> <memcached-connector socket-binding="memcached" cache-container="clustered"/>  <rest-connector virtual-server="default-host" cache-container="clustered" /> <websocket-connector socket-binding="websocket" cache-container="clustered"/> </subsystem> <subsystem xmlns="urn:jboss:domain:datasources:1.1"> <datasources/> </subsystem> <subsystem xmlns="urn:infinispan:server:core:5.3" default-cache-container="clustered"> <cache-container name="clustered" default-cache="default"> <transport executor="infinispan-transport" lock-timeout="60000"/> <distributed-cache name="default" mode="SYNC" segments="20" owners="2" remote-timeout="30000" start="EAGER"> <locking isolation="READ_COMMITTED" acquire-timeout="30000" concurrency-level="1000" striping="false"/> <transaction mode="NONE"/> </distributed-cache> <distributed-cache name="memcachedCache" mode="SYNC" segments="20" owners="2" remote-timeout="30000" start="EAGER"> <locking isolation="READ_COMMITTED" acquire-timeout="30000" concurrency-level="1000" striping="false"/> <transaction mode="NONE"/> </distributed-cache> <distributed-cache name="namedCache" mode="SYNC" start="EAGER"/> </cache-container> <cache-container name="security"/> </subsystem> <subsystem xmlns="urn:jboss:domain:jca:1.1"> <archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/> <bean-validation enabled="true"/> <default-workmanager> <short-running-threads> <core-threads count="50"/> <queue-length count="50"/> <max-threads count="50"/> <keepalive-time time="10" unit="seconds"/> </short-running-threads> <long-running-threads> <core-threads count="50"/> <queue-length count="50"/> <max-threads count="50"/> <keepalive-time time="10" unit="seconds"/> </long-running-threads> </default-workmanager> <cached-connection-manager/> </subsystem> <subsystem xmlns="urn:jboss:domain:jdr:1.0"/> <subsystem xmlns="urn:jboss:domain:jgroups:1.2" default-stack="${jboss.default.jgroups.stack:udp}"> <stack name="udp"> <transport type="UDP" socket-binding="jgroups-udp"/> <protocol type="PING"/> <protocol type="MERGE2"/> <protocol type="FD_SOCK" socket-binding="jgroups-udp-fd"/> <protocol type="FD_ALL"/> <protocol type="pbcast.NAKACK"/> <protocol type="UNICAST2"/> <protocol type="pbcast.STABLE"/> <protocol type="pbcast.GMS"/> <protocol type="UFC"/> <protocol type="MFC"/> <protocol type="FRAG2"/> <protocol type="RSVP"/> </stack> <stack name="tcp"> <transport type="TCP" socket-binding="jgroups-tcp"/>  <protocol type="TCPPING"> <property name="initial_hosts">10.32.50.53[7600],10.32.50.64[7600]</property> </protocol> <protocol type="MERGE2"/> <protocol type="FD_SOCK" socket-binding="jgroups-tcp-fd"/> <protocol type="FD"/> <protocol type="VERIFY_SUSPECT"/> <protocol type="pbcast.NAKACK"> <property name="use_mcast_xmit">false</property> </protocol> <protocol type="UNICAST2"/> <protocol type="pbcast.STABLE"/> <protocol type="pbcast.GMS"/> <protocol type="UFC"/> <protocol type="MFC"/> <protocol type="FRAG2"/> <protocol type="RSVP"/> </stack> </subsystem> <subsystem xmlns="urn:jboss:domain:jmx:1.1"> <show-model value="true"/> <remoting-connector use-management-endpoint="false"/> </subsystem> <subsystem xmlns="urn:jboss:domain:modcluster:1.1"> <mod-cluster-config advertise-socket="modcluster" connector="ajp" excluded-contexts="console"> <dynamic-load-provider> <load-metric type="busyness"/> </dynamic-load-provider> </mod-cluster-config> </subsystem> <subsystem xmlns="urn:jboss:domain:naming:1.2"/> <subsystem xmlns="urn:jboss:domain:remoting:1.1"> <connector name="remoting-connector" socket-binding="remoting" security-realm="ApplicationRealm"/> </subsystem> <subsystem xmlns="urn:jboss:domain:security:1.2"> <security-domains> <security-domain name="other" cache-type="infinispan"> <authentication> <login-module code="Remoting" flag="optional"> <module-option name="password-stacking" value="useFirstPass"/> </login-module> <login-module code="RealmUsersRoles" flag="required"> <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/> <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/> <module-option name="realm" value="ApplicationRealm"/> <module-option name="password-stacking" value="useFirstPass"/> </login-module> </authentication> </security-domain> <security-domain name="jboss-web-policy" cache-type="infinispan"> <authorization> <policy-module code="Delegating" flag="required"/> </authorization> </security-domain> </security-domains> </subsystem> <subsystem xmlns="urn:jboss:domain:threads:1.1"> <thread-factory name="infinispan-factory" group-name="infinispan" priority="5"/> <unbounded-queue-thread-pool name="infinispan-transport"> <max-threads count="25"/> <keepalive-time time="0" unit="milliseconds"/> <thread-factory name="infinispan-factory"/> </unbounded-queue-thread-pool> </subsystem> <subsystem xmlns="urn:jboss:domain:transactions:1.2"> <core-environment> <process-id> <uuid/> </process-id> </core-environment> <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/> <coordinator-environment default-timeout="300"/> </subsystem> <subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false"> <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/> <connector name="ajp" protocol="AJP/1.3" scheme="http" socket-binding="ajp"/> <virtual-server name="default-host" enable-welcome-root="false"> <alias name="localhost"/> <alias name="example.com"/> </virtual-server> </subsystem> </profile> <interfaces> <interface name="management"> <inet-address value="${jboss.bind.address.management:10.32.222.111}"/> </interface> <interface name="public"> <inet-address value="${jboss.bind.address:10.32.222.111}"/> </interface> </interfaces> <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}"> <socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/> <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/> <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9443}"/> <socket-binding name="ajp" port="8089"/> <socket-binding name="hotrod" port="11222"/> <socket-binding name="http" port="8080"/> <socket-binding name="https" port="8443"/> <socket-binding name="jgroups-mping" port="0" multicast-address="${jboss.default.multicast.address:234.99.54.14}" multicast-port="45700"/> <socket-binding name="jgroups-tcp" port="7600"/> <socket-binding name="jgroups-tcp-fd" port="57600"/> <socket-binding name="jgroups-udp" port="55200" multicast-address="${jboss.default.multicast.address:234.99.54.14}" multicast-port="45688"/> <socket-binding name="jgroups-udp-fd" port="54200"/> <socket-binding name="memcached" port="11211"/> <socket-binding name="modcluster" port="0" multicast-address="224.0.1.115" multicast-port="23364"/> <socket-binding name="remoting" port="4447"/> <socket-binding name="txn-recovery-environment" port="4712"/> <socket-binding name="txn-status-manager" port="4713"/> <socket-binding name="websocket" port="8181"/> </socket-binding-group> </server> Remote Process: service:jmx:remoting-jmx://10.32.222.111:4447 I added user to both management and application realm admin=2a0923285184943425d1f53ddd58ec7a test=2b1be81e1da41d4ea647bd82fc8c2bc9 But when i try to connect its says's: Connection failed: Retry When i use Remote process as:10.32.222.111:4447 on the sever it prompts a warning : 16:29:48,084 ERROR [org.jboss.remoting.remote.connection] (Remoting "djd7w4r1" read-1) JBREM000200: Remote connection failed: java.io.IOException: Received an invali d message length of -2140864253 Also disabled Remote authentication: -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=12345 Still not able to connect. Any help will be highly appreciated . Thanks

Read the article
A Web exception occurred because an HTTP 503 - ServiceUnavailable response was received from Unknown

- by Dai

As far as I can tell my Exchange 2010 Mailbox and Client Access server is working fine except for Outlook Anywhere. I fired up the Exchange Connectivity Tester and ran it against my server and I get this report: Part 5 Testing HTTP Authentication Methods for URL https://mail.contoso.com/rpc/rpcproxy.dll?server6.corp.contoso.com:6002. The HTTP authentication test failed. Additional details: A Web exception occurred because an HTTP 503 - ServiceUnavailable response was received from Unknown. When I do a search for "ServiceUnavailable response was received from Unknown." I get only a couple of relevant results, including a 22k-view Exchange Forum thread, but none of the solutions discussed help. There is nothing of relevance in the server's Event Log. mail.contoso.com is the public domain name of the CAS/MB/HT server. server6.corp.contoso.com is the internal domain name of the server.

Read the article
Testing radius server from Mac OS X client

- by Calvin Froedge

I have a radius server set up on a server running Ubuntu 11.04. I have configured my switch to use the authentication server's IP (192.168.1.2) for RADIUS / 802.1x authentication, and I created a connection to test connecting from my Mac OSX client. Here is my radius configuration for the client: client 192.168.1.0/16 { secret = testing123 } I can successfully authenticate using both 127.0.0.1 (localhost) and 192.168.1.2 (ip of eth1), so I know radius is getting those requests. I set up a connection to test from my macbook, and my requests are timing out. http://screencast.com/t/tMhRLS3H7 Is there a better way to test the radius connection from my macbook? Thanks! UPDATE: I was able to successfully test on Mac OSX client using RadPerf. This is available as a cross-platform command line tool.

Read the article
Cisco ASA 5505 - L2TP over IPsec

- by xraminx

I have followed this document on cisco site to set up the L2TP over IPsec connection. When I try to establish a VPN to ASA 5505 from my Windows XP, after I click on "connect" button, the "Connecting ...." dialog box appears and after a while I get this error message: Error 800: Unable to establish VPN connection. The VPN server may be unreachable, or security parameters may not be configured properly for this connection. ASA version 7.2(4) ASDM version 5.2(4) Windows XP SP3 Windows XP and ASA 5505 are on the same LAN for test purposes. Edit 1: There are two VLANs defined on the cisco device (the standard setup on cisco ASA5505). - port 0 is on VLAN2, outside; - and ports 1 to 7 on VLAN1, inside. I run a cable from my linksys home router (10.50.10.1) to the cisco ASA5505 router on port 0 (outside). Port 0 have IP 192.168.1.1 used internally by cisco and I have also assigned the external IP 10.50.10.206 to port 0 (outside). I run a cable from Windows XP to Cisco router on port 1 (inside). Port 1 is assigned an IP from Cisco router 192.168.1.2. The Windows XP is also connected to my linksys home router via wireless (10.50.10.141). Edit 2: When I try to establish vpn, the Cisco device real time Log viewer shows 7 entries like this: Severity:5 Date:Sep 15 2009 Time: 14:51:29 SyslogID: 713904 Destination IP = 10.50.10.141, Decription: No crypto map bound to interface... dropping pkt Edit 3: This is the setup on the router right now. Result of the command: "show run" : Saved : ASA Version 7.2(4) ! hostname ciscoasa domain-name default.domain.invalid enable password HGFHGFGHFHGHGFHGF encrypted passwd NMMNMNMNMNMNMN encrypted names name 192.168.1.200 WebServer1 name 10.50.10.206 external-ip-address ! interface Vlan1 nameif inside security-level 100 ip address 192.168.1.1 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address external-ip-address 255.0.0.0 ! interface Vlan3 no nameif security-level 50 no ip address ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! ftp mode passive dns server-group DefaultDNS domain-name default.domain.invalid object-group service l2tp udp port-object eq 1701 access-list outside_access_in remark Allow incoming tcp/http access-list outside_access_in extended permit tcp any host WebServer1 eq www access-list outside_access_in extended permit udp any any eq 1701 access-list inside_nat0_outbound extended permit ip any 192.168.1.208 255.255.255.240 access-list inside_cryptomap_1 extended permit ip interface outside interface inside pager lines 24 logging enable logging asdm informational mtu inside 1500 mtu outside 1500 ip local pool PPTP-VPN 192.168.1.210-192.168.1.220 mask 255.255.255.0 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-524.bin no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 0.0.0.0 0.0.0.0 static (inside,outside) tcp interface www WebServer1 www netmask 255.255.255.255 access-group outside_access_in in interface outside timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute http server enable http 192.168.1.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set TRANS_ESP_3DES_SHA esp-3des esp-sha-hmac crypto ipsec transform-set TRANS_ESP_3DES_SHA mode transport crypto ipsec transform-set TRANS_ESP_3DES_MD5 esp-3des esp-md5-hmac crypto ipsec transform-set TRANS_ESP_3DES_MD5 mode transport crypto map outside_map 1 match address inside_cryptomap_1 crypto map outside_map 1 set transform-set TRANS_ESP_3DES_MD5 crypto map outside_map interface inside crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption 3des hash md5 group 2 lifetime 86400 telnet timeout 5 ssh timeout 5 console timeout 0 dhcpd auto_config outside ! dhcpd address 192.168.1.2-192.168.1.33 inside dhcpd enable inside ! group-policy DefaultRAGroup internal group-policy DefaultRAGroup attributes dns-server value 192.168.1.1 vpn-tunnel-protocol IPSec l2tp-ipsec username myusername password FGHFGHFHGFHGFGFHF nt-encrypted tunnel-group DefaultRAGroup general-attributes address-pool PPTP-VPN default-group-policy DefaultRAGroup tunnel-group DefaultRAGroup ipsec-attributes pre-shared-key * tunnel-group DefaultRAGroup ppp-attributes no authentication chap authentication ms-chap-v2 ! ! prompt hostname context Cryptochecksum:a9331e84064f27e6220a8667bf5076c1 : end

Read the article
Can't join OS X Mavericks to AD Domain

- by watkipet

I'm attempting to join an OS X Mavericks (10.9) client to a Windows Server 2008 Active Directory domain, however the bind fails with this error in the OS X client's system.log: Oct 24 15:03:15 host.domain.com com.apple.preferences.users.remoteservice[5547]: -[ODCAddServerSheetController handleOtherActionError: gotError: Error Domain=com.apple.OpenDirectory Code=5202 "Authentication server encountered an error while attempting the requested operation." UserInfo=0x7f9e6cb3e180 {NSLocalizedDescription=Authentication server encountered an error while attempting the requested operation., NSLocalizedFailureReason=Authentication server encountered an error while attempting the requested operation.}, Authentication server encountered an error while attempting the requested operation. I've joined (bound) Ubuntu Linux clients to the same domain with net ads join in the past with no problems (using the same administrative user). I don't have access to any server logs. Here's the GUI error (from Directory Utility) on the OS X client: Here's the GUI error (from User's and Groups) in System Preferences on the OS X client: Update After some Wiresharking I've got some more info: OS X Client - KDC (over UDP): AS_REQ (no padata) OS X Client <- KDC (over UDP): KRB5KDC_ERR_PREAUTH_REQUIRED OS X Client - KDC (over UDP): AS_REQ (this time with PA-ENC-TIMESTAMP in padata) OS X Client <- KDC (over UDP): KRB5KDC_ERR_RESPONSE_TOO_BIG OS X Client - KDC (over TCP): AS_REQ (also with PA-ENC-TIMESTAMP in padata) OS X Client <- KDC (over TCP): KDC_ERR_ETYPE_NOSUPP ...and that's it. This is what I think is going on: The OS X client sends a kerberos request. The KDC says, "You need to pre-authenticate. Try again" The OS X client tries to pre-authenticate (all this so far is over UDP) Something gets lost on our network and the KDC says, "Oops something went wrong" The OS X client switches to TCP and tries again. Over TCP, the KDC says, "You're using an encryption type I don't support" Note that in its padata records, the OS X client is always using "aes256-cts-hmac-sha1-96" as its encryption type. However, in its KDC_REQ_BODY record it lists the aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, des3-cbc-sha1, and rc4-hmac encryption types. When the KDC comes back with KDC_ERR_ETYPE_NOSUPP, it uses rc4-hmac as its encryption type in its padata record. I know next to nothing about Kerberos, but it seems to me that the OS X client should go ahead and try the rc4-hmac encryption type. However, it does nothing after this. Update 2 Here's the debug log from Directory Services on the OS X client. Sorry--it's long. 2013-10-25 14:19:13.219128 PDT - 10544.20463 - ODNodeCustomCall request, NodeID: 52A65FAE-4B24-455D-86EC-2199A780D234, Code: 80 2013-10-25 14:19:13.220409 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - client requested OU - 'CN=Computers,DC=domain,DC=com' 2013-10-25 14:19:13.220427 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - Binding using '[email protected]' for kerberos ID 2013-10-25 14:19:13.220571 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - new kerberos credential cache 'MEMORY:0x7fa713635470' for '[email protected]' 2013-10-25 14:19:13.220623 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_get_init_creds: loop 1 2013-10-25 14:19:13.220639 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - KDC send 0 patypes 2013-10-25 14:19:13.220653 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - fast disabled, not doing any fast wrapping 2013-10-25 14:19:13.220699 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - Trying to find service kdc for realm DOMAIN.COM flags 0 2013-10-25 14:19:13.221275 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - submissing new requests to new host 2013-10-25 14:19:13.221326 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - connecting to host: udp 192.168.0.1:kerberos (192.168.0.1) tid: 00000001 2013-10-25 14:19:13.221373 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - writing packet: udp 192.168.0.1:kerberos (192.168.0.1) tid: 00000001 2013-10-25 14:19:13.222588 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - reading packet: udp 192.168.0.1:kerberos (192.168.0.1) tid: 00000001 2013-10-25 14:19:13.222617 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - host completed: udp 192.168.0.1:kerberos (192.168.0.1) tid: 00000001 2013-10-25 14:19:13.222665 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_sendto_context DOMAIN.COM done: 0 hosts 1 packets 1 wc: 0.001960 nr: 0.000000 kh: 0.000560 tid: 00000001 2013-10-25 14:19:13.222705 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_get_init_creds: loop 2 2013-10-25 14:19:13.222737 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_get_init_creds: processing input 2013-10-25 14:19:13.222752 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_get_init_creds: got an KRB-ERROR from KDC 2013-10-25 14:19:13.222775 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_get_init_creds: KRB-ERROR -1765328359/Additional pre-authentication required 2013-10-25 14:19:13.222791 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - KDC send 4 patypes 2013-10-25 14:19:13.222800 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - KDC send PA-DATA type: 19 2013-10-25 14:19:13.222808 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - KDC send PA-DATA type: 2 2013-10-25 14:19:13.222816 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - KDC send PA-DATA type: 16 2013-10-25 14:19:13.222825 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - KDC send PA-DATA type: 15 2013-10-25 14:19:13.222840 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_get_init_creds: using ENC-TS with enctype 18 2013-10-25 14:19:13.222850 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_get_init_creds: using default_s2k_func 2013-10-25 14:19:13.227443 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - fast disabled, not doing any fast wrapping 2013-10-25 14:19:13.227502 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - Trying to find service kdc for realm DOMAIN.COM flags 0 2013-10-25 14:19:13.228233 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - submissing new requests to new host 2013-10-25 14:19:13.228320 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - connecting to host: udp 192.168.0.1:kerberos (192.168.0.1) tid: 00010001 2013-10-25 14:19:13.228374 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - writing packet: udp 192.168.0.1:kerberos (192.168.0.1) tid: 00010001 2013-10-25 14:19:13.229930 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - reading packet: udp 192.168.0.1:kerberos (192.168.0.1) tid: 00010001 2013-10-25 14:19:13.229957 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - host completed: udp 192.168.0.1:kerberos (192.168.0.1) tid: 00010001 2013-10-25 14:19:13.229975 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_sendto trying over again (reset): 0 2013-10-25 14:19:13.230023 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - Trying to find service kdc for realm DOMAIN.COM flags 2 2013-10-25 14:19:13.230664 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - submissing new requests to new host 2013-10-25 14:19:13.230726 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - connecting to host: tcp 192.168.0.1:kerberos (192.168.0.1) tid: 00010002 2013-10-25 14:19:13.230818 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - connecting to 11: tcp 192.168.0.1:kerberos (192.168.0.1) tid: 00010002 2013-10-25 14:19:13.231101 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - writing packet: tcp 192.168.0.1:kerberos (192.168.0.1) tid: 00010002 2013-10-25 14:19:13.232743 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - reading packet: tcp 192.168.0.1:kerberos (192.168.0.1) tid: 00010002 2013-10-25 14:19:13.232777 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - host completed: tcp 192.168.0.1:kerberos (192.168.0.1) tid: 00010002 2013-10-25 14:19:13.232798 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_sendto_context DOMAIN.COM done: 0 hosts 2 packets 2 wc: 0.005316 nr: 0.000000 kh: 0.001339 tid: 00010002 2013-10-25 14:19:13.232856 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_get_init_creds: loop 3 2013-10-25 14:19:13.232868 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_get_init_creds: processing input 2013-10-25 14:19:13.232900 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_get_init_creds: using keyproc 2013-10-25 14:19:13.232910 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_get_init_creds: using default_s2k_func 2013-10-25 14:19:13.236487 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_get_init_creds: extracting ticket 2013-10-25 14:19:13.236557 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_get_init_creds: wc: 0.015944 2013-10-25 14:19:13.237022 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - Trying to find service kdc for realm DOMAIN.COM flags 2 2013-10-25 14:19:13.237444 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - submissing new requests to new host 2013-10-25 14:19:13.237482 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - connecting to host: tcp 192.168.0.1:kerberos (192.168.0.1) tid: 00020001 2013-10-25 14:19:13.237551 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - connecting to 11: tcp 192.168.0.1:kerberos (192.168.0.1) tid: 00020001 2013-10-25 14:19:13.237900 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - writing packet: tcp 192.168.0.1:kerberos (192.168.0.1) tid: 00020001 2013-10-25 14:19:13.238616 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - reading packet: tcp 192.168.0.1:kerberos (192.168.0.1) tid: 00020001 2013-10-25 14:19:13.238645 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - host completed: tcp 192.168.0.1:kerberos (192.168.0.1) tid: 00020001 2013-10-25 14:19:13.238674 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_sendto_context DOMAIN.COM done: 0 hosts 1 packets 1 wc: 0.001656 nr: 0.000000 kh: 0.000409 tid: 00020001 2013-10-25 14:19:13.238839 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - Trying to find service kdc for realm DOMAIN.COM flags 2 2013-10-25 14:19:13.239302 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - submissing new requests to new host 2013-10-25 14:19:13.239360 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - connecting to host: tcp 192.168.0.1:kerberos (192.168.0.1) tid: 00030001 2013-10-25 14:19:13.239429 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - connecting to 11: tcp 192.168.0.1:kerberos (192.168.0.1) tid: 00030001 2013-10-25 14:19:13.239683 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - writing packet: tcp 192.168.0.1:kerberos (192.168.0.1) tid: 00030001 2013-10-25 14:19:13.240350 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - reading packet: tcp 192.168.0.1:kerberos (192.168.0.1) tid: 00030001 2013-10-25 14:19:13.240387 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - host completed: tcp 192.168.0.1:kerberos (192.168.0.1) tid: 00030001 2013-10-25 14:19:13.240415 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_sendto_context DOMAIN.COM done: 0 hosts 1 packets 1 wc: 0.001578 nr: 0.000000 kh: 0.000445 tid: 00030001 2013-10-25 14:19:13.240514 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - krb5_credential - krb5_get_credentials_with_flags: DOMAIN.COM wc: 0.003615 2013-10-25 14:19:13.240537 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - valid credentials for [email protected] 2013-10-25 14:19:13.240541 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - switching to cache 'MEMORY:0x7fa713635470' 2013-10-25 14:19:13.240545 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - switching GSS to cache 'MEMORY:0x7fa713635470 2013-10-25 14:19:13.240555 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - Bind Step 5 - Bind/Join computer to domain - 'domain.com' 2013-10-25 14:19:13.241345 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - resolving 'server.domain.com' 2013-10-25 14:19:13.241646 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - added socket 12 for host 'server.domain.com:389' address '192.168.0.2' to kqueue list 2013-10-25 14:19:13.241930 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - Setting kerberos server for 'Kerberos:DOMAIN.COM' to 'server.domain.com' 2013-10-25 14:19:13.241962 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - switching to cache 'MEMORY:0x7fa713635470' 2013-10-25 14:19:13.241969 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - switching GSS to cache 'MEMORY:0x7fa713635470 2013-10-25 14:19:13.242231 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - GSSAPI allow Confidentiality 2013-10-25 14:19:13.242234 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - setting realm 'DOMAIN.COM' for node '/Active Directory/domain.com' 2013-10-25 14:19:13.242239 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - GSSAPI allow Integrity (signing) 2013-10-25 14:19:13.242274 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - GSSAPI using hostname 'server.domain.com' 2013-10-25 14:19:13.242282 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - GSSAPI using initiator credential '[email protected]' 2013-10-25 14:19:13.250771 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - Authenticate to LDAP using Kerberos credential - 0 2013-10-25 14:19:13.250784 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - verified connectivity to '192.168.0.2' with socket 12 2013-10-25 14:19:13.251513 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - locating site using domain domain.com using CLDAP 2013-10-25 14:19:13.252145 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - using site of 'DOMAINGROUP' from CLDAP 2013-10-25 14:19:13.253626 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - resolving 'server2.domain.com' 2013-10-25 14:19:13.253933 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - added socket 13 for host 'server2.domain.com:389' address '192.168.0.1' to kqueue list 2013-10-25 14:19:13.254428 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - Setting kerberos server for 'Kerberos:DOMAIN.COM' to 'server2.domain.com' 2013-10-25 14:19:13.254462 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - switching to cache 'MEMORY:0x7fa713635470' 2013-10-25 14:19:13.254468 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - switching GSS to cache 'MEMORY:0x7fa713635470 2013-10-25 14:19:13.254617 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - setting realm 'DOMAIN.COM' for node '/Active Directory/domain.com' 2013-10-25 14:19:13.254661 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - GSSAPI allow Confidentiality 2013-10-25 14:19:13.254670 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - GSSAPI allow Integrity (signing) 2013-10-25 14:19:13.254689 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - GSSAPI using hostname 'server2.domain.com' 2013-10-25 14:19:13.254695 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - GSSAPI using initiator credential '[email protected]' 2013-10-25 14:19:13.262092 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - Authenticate to LDAP using Kerberos credential - 0 2013-10-25 14:19:13.262108 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - verified connectivity to '192.168.0.1' with socket 13 2013-10-25 14:19:13.262982 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - Computer account either already exists or DC is already Read/Write 2013-10-25 14:19:13.264968 PDT - 10544.20463, Node: /Active Directory, Module: ActiveDirectory - Adding record 'cn=spike,CN=Computers,DC=domain,DC=com' in 'domain.com' The failure point seems to be Computer account either already exists or DC is already Read/Write, however, I can search for 'spike' on the Active Directory server using Active Directory Explorer and it's not there. If I do the same search for the Linux and Windows PCs I added previously, I can find them.

Read the article
OpenVPN Error : TLS Error: local/remote TLS keys are out of sync: [AF_INET]

- by Lucidity

Fist off thanks for reading this, I appreciate any and all suggestions. I am having some serious problems reconnecting to my OpenVPN client using Riseup.net's VPN. I have spent a few days banging my head against the wall in attempts to set this up on my iOS devices....but that is a whole other issue. I was however able to set it up on my Mac OS X specifically on my Windows Vista 32 bit BootCamp VM with relatively little trouble. To originally connect I only had to modify the recommended Config file very slightly (Config file included at the end of this post): - I had to enter the code directly into my config file - And change "dev tap" to "dev tun" So I was connected. (Note - I did test to ensure the VPN was actually working after I originally connected, it was. Also verified the .pem file (inserted as the coding in my config file) for authenticity). I left the VPN running. My computer went to sleep. Today I went to use the internet expecting (possibly incorrectly - I am now unsure if I was wrong to leave it running) to still be connected to the VPN. However I saw immediately I was not. I went to reconnect. And was (am) unable to. My logs after attempting to connect (and getting a connection failed dialog box) show everything working as it should (as far as I can tell) until the end where I get the following lines: Mon Sep 23 21:07:49 2013 us=276809 Initialization Sequence Completed Mon Sep 23 21:07:49 2013 us=276809 MANAGEMENT: >STATE:1379995669,CONNECTED,SUCCESS, OMITTED Mon Sep 23 21:22:50 2013 us=390350 Authenticate/Decrypt packet error: packet HMAC authentication failed Mon Sep 23 21:23:39 2013 us=862180 TLS Error: local/remote TLS keys are out of sync: [AF_INET] VPN IP OMITTED [2] Mon Sep 23 21:23:57 2013 us=395183 Authenticate/Decrypt packet error: packet HMAC authentication failed Mon Sep 23 22:07:41 2013 us=296898 TLS: soft reset sec=0 bytes=513834601/0 pkts=708032/0 Mon Sep 23 22:07:41 2013 us=671299 VERIFY OK: depth=1, C=US, O=Riseup Networks, L=Seattle, ST=WA, CN=Riseup Networks, [email protected] Mon Sep 23 22:07:41 2013 us=671299 VERIFY OK: depth=0, C=US, O=Riseup Networks, L=Seattle, ST=WA, CN=vpn.riseup.net Mon Sep 23 22:07:46 2013 us=772508 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Mon Sep 23 22:07:46 2013 us=772508 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Sep 23 22:07:46 2013 us=772508 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Mon Sep 23 22:07:46 2013 us=772508 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Sep 23 22:07:46 2013 us=772508 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA So I have searched for a solution online and I have included what I have attempted below, however I fear (know) I am not knowledgeable enough in this area to fix this myself. I apologize in advance for my ignorance. I do tech support for a living, but not this kind of tech support unfortunately. Other notes and troubleshooting done - - Windows Firewall is disabled completely, as well as other Anti-virus programs - Tor is disabled completely - No Proxies running - Time is correct in all locations - Router Firmware is up to date - Able to connect to the internet and as far as I can tell all necessary ports are open. - No settings have been altered since I was able to connect successfully. - Ethernet as well as wifi connections attempted, resulted in same error. Also tried adding the following lines to my config file (without success or change in error): persist-key persist-tun proto tcp (after reading that this error generally occurs on UDP connections, and is extremely rare on TCP) resolv-retry infinite (thinking the connection may have timed out since the issues occurred after leaving VPN connected during about 10 hrs of computer in sleep mode) All attempts resulted in exact same error code included at the top of this post. The original suggestions I found online stated - (regarding the TLS Error) - This error should resolve itself within 60 seconds, or if not quit wait 120 seconds and try again. (Which isnt the case here...) (regarding the Out of Sync" error) - If you continue to get "out of sync" errors and the link does not come up, then it means that something is probably wrong with your config file. You must use either ping and ping-restart on both sides of the connection, or keepalive on the server side of a client/server connection, in order to gracefully recover from "local/remote TLS keys are out of sync" errors. I wouldn't be surprised if my config file is lacking, or not correct. However I can confirm I followed the instructions to a tee. And was able to connect originally (and have not modified my settings or config file since I was able to connect to when the error began occurring). I have a very simple config file: client dev tun tun-mtu 1500 remote vpn.riseup.net auth-user-pass ca RiseupCA.pem redirect-gateway verb 4 <ca> -----BEGIN CERTIFICATE----- [OMITTED] -----END CERTIFICATE----- </ca> I would really appreciate any help or suggestions. I am at a total loss here, I know I'm asking a lot here. Though I am a new user on this site I help others on many forums including Microsoft's support community and especially Apple's support communities, so I will definitely pass on anything I learn here to help others. Thanks so so so much in advance for reading this.

Read the article
AD DS or AD LDS

- by rajeevrautela

Hi all, Greeetings !!! I need a suggestion about having AD DS or AD LDS for my infrastructure. So lets begin, Ex. I am having a website which as of now do not have any log in facility for the visitors, now we are developing a new application so that the visitors can create account on the website. the best example you can think of is of any telecom service provider, they have their webiste and now is creating a login facility for it's customers so the users can create an account and can subscribe for ebill sort of facilties. Hope the situation is clear now. for this particular application, i intend to have a web server, an application server, a DB server, one SMTP server and one AD server(for authentication of users and for saving the profiles also). My question here starts on AD front, here do i need AD DS or AD LDS here, what i need from AD is 1) provide user authentication, 2) provide role based access. this is my query. hope i'll get the answer very soon.

Read the article
How to set up spf records to send mail from google hosted apps to gmail addresses

- by Chris Adams

Hi there, I'm trying to work out why email I send from one domain I own is rejected by another that I own, and while I think it may be related to how I've setup spf records, I'm not sure what steps I need to take to fix it. Here's the error message I receive: Technical details of permanent failure: Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 550 550-Verification failed for <[email protected]> 550-No Such User Here 550 Sender verify failed (state 14). Here's the response from [email protected] Delivered-To: [email protected] Received: by 10.86.92.9 with SMTP id p9cs85371fgb; Wed, 2 Sep 2009 22:33:32 -0700 (PDT) Received: by 10.90.205.4 with SMTP id c4mr2406190agg.29.1251956007562; Wed, 02 Sep 2009 22:33:27 -0700 (PDT) Return-Path: <[email protected]> Received: from verifier.port25.com (207-36-201-235.ptr.primarydns.com [207.36.201.235]) by mx.google.com with ESMTP id 26si831174aga.24.2009.09.02.22.33.25; Wed, 02 Sep 2009 22:33:26 -0700 (PDT) Received-SPF: pass (google.com: domain of [email protected] designates 207.36.201.235 as permitted sender) client-ip=207.36.201.235; Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 207.36.201.235 as permitted sender) [email protected]; dkim=pass [email protected] DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=auth; d=port25.com; h=Date:From:To:Subject:Message-Id:In-Reply-To; [email protected]; bh=GRMrcnoucTl4upzqJYTG5sOZMLU=; b=uk6TjADEyZVRkceQGjH94ZzfVeRTsiZPzbXuhlqDt1m+kh1zmdUEoiTOzd89ryCHMbVcnG1JajBj 5vOMKYtA3g== DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=auth; d=port25.com; b=NqKCPK00Xt49lbeO009xy4ZRgMGpghvcgfhjNy7+qI89XKTzi6IUW0hYqCQyHkd2p5a1Zjez2ZMC l0u9CpZD3Q==; Received: from verifier.port25.com (127.0.0.1) by verifier.port25.com (PowerMTA(TM) v3.6a1) id hjt9pq0hse8u for <[email protected]>; Thu, 3 Sep 2009 01:26:52 -0400 (envelope-from <[email protected]>) Date: Thu, 3 Sep 2009 01:26:52 -0400 From: [email protected] To: [email protected] Subject: Authentication Report Message-Id: <[email protected]> Precedence: junk (auto_reply) In-Reply-To: <[email protected]> This message is an automatic response from Port25's authentication verifier service at verifier.port25.com. The service allows email senders to perform a simple check of various sender authentication mechanisms. It is provided free of charge, in the hope that it is useful to the email community. While it is not officially supported, we welcome any feedback you may have at <[email protected]>. Thank you for using the verifier, The Port25 Solutions, Inc. team ========================================================== Summary of Results ========================================================== SPF check: pass DomainKeys check: neutral DKIM check: neutral Sender-ID check: pass SpamAssassin check: ham ========================================================== Details: ========================================================== HELO hostname: fg-out-1718.google.com Source IP: 72.14.220.158 mail-from: [email protected] ---------------------------------------------------------- SPF check details: ---------------------------------------------------------- Result: pass ID(s) verified: [email protected] DNS record(s): stemcel.co.uk. 14400 IN TXT "v=spf1 include:aspmx.googlemail.com ~all" aspmx.googlemail.com. 7200 IN TXT "v=spf1 redirect=_spf.google.com" _spf.google.com. 300 IN TXT "v=spf1 ip4:216.239.32.0/19 ip4:64.233.160.0/19 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:209.85.128.0/17 ip4:66.102.0.0/20 ip4:74.125.0.0/16 ip4:64.18.0.0/20 ip4:207.126.144.0/20 ?all" ---------------------------------------------------------- DomainKeys check details: ---------------------------------------------------------- Result: neutral (message not signed) ID(s) verified: [email protected] DNS record(s): ---------------------------------------------------------- DKIM check details: ---------------------------------------------------------- Result: neutral (message not signed) ID(s) verified: NOTE: DKIM checking has been performed based on the latest DKIM specs (RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for older versions. If you are using Port25's PowerMTA, you need to use version 3.2r11 or later to get a compatible version of DKIM. ---------------------------------------------------------- Sender-ID check details: ---------------------------------------------------------- Result: pass ID(s) verified: [email protected] DNS record(s): stemcel.co.uk. 14400 IN TXT "v=spf1 include:aspmx.googlemail.com ~all" aspmx.googlemail.com. 7200 IN TXT "v=spf1 redirect=_spf.google.com" _spf.google.com. 300 IN TXT "v=spf1 ip4:216.239.32.0/19 ip4:64.233.160.0/19 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:209.85.128.0/17 ip4:66.102.0.0/20 ip4:74.125.0.0/16 ip4:64.18.0.0/20 ip4:207.126.144.0/20 ?all" ---------------------------------------------------------- SpamAssassin check details: ---------------------------------------------------------- SpamAssassin v3.2.5 (2008-06-10) Result: ham (-2.6 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record -2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1% [score: 0.0000] 0.0 HTML_MESSAGE BODY: HTML included in message I've registered the spf records for my domain, as advised here Both domains pass validate according to Kitterman's spf record testing tools, so I'm somewhat confused about this. I also have the catchall address set up on the stemcel.co.uk domain here, but I don't have one setup for chrisadams.me.uk. Instead, we have the following forwarders setup [email protected] to [email protected] [email protected] to [email protected] [email protected] to [email protected] [email protected] to [email protected] Any ideas how to get this working? I'm not sure what I should be looking for here.

Read the article
ssl_error_handshake_failure_alert with Commercial CA-based client certificate

- by Bryan

Attempting to implement client authentication with an SSL cert. http://www.modssl.org/docs/2.8/ssl_howto.html#auth-selective Receive the following errors. Apache: Re-negotiation handshake failed: Not accepted by client!? Firefox: ssl_error_handshake_failure_alert I assume it is a configuration error, but have not been able to locate it. Additional info: Commercial CA server cert servers secure works without problem in Apache 2.2 & Passenger. Only client authentication related directives do not work.

Read the article
Cancel Windows Domain Membership durin Suse installation

- by user10826

Hi, I am installing SUSE 11.2, and went with the default options, now it reached the point of "Windows Domain Membership". At job I do not remember the right names, so I tried some but I get an error message which says "cannot use the group "WORKGROUP" for Linux authentication", etc. So I would like to avoid windows authentication, but at this point I do not see this option. I can only try domain names or abort the installation. What could I do here in order to finish the installation without windows memebership? Thanks

Read the article
Cancel Windows Domain Membership durin Suse installation

- by assdasdasd

0 vote down star Hi, I am installing SUSE 11.2, and went with the default options, now it reached the point of "Windows Domain Membership". At job I do not remember the right names, so I tried some but I get an error message which says "cannot use the group "WORKGROUP" for Linux authentication", etc. So I would like to avoid windows authentication, but at this point I do not see this option. I can only try domain names or abort the installation. What could I do here in order to finish the installation without windows memebership? Thanks

Read the article
Supervisor sentry-web exit status 1

- by rockingskier

I'm having problems getting Sentry (https://www.getsentry.com - not enough rep for a link) running as a service using supervisor. I can run Sentry in the command line and view it correctly in the browser but when it comes to supervisor I am completely in the dark. I shall try and give all the details I can Initial user warning By no means a server admin, just playing/learning in VirtualBox. Literally only just discovered supervisor from reading the Sentry documentation so I may well be making some obvious mistakes here. The setup: Ubuntu server 11.10 (fresh install, VirtualBox) virtualenv with Sentry and its dependencies. supervisor Instructions followed Supervisor with vanilla ini file Sentry/supervisor instructions My supervisor ini (Sentry section) [program:sentry-web] directory=/root/.virtualenvs/sentry/ command= start http /root/.virtualenvs/sentry/bin/sentry autostart=true autorestart=true redirect_stderr=true OK so here we go: When I run supervisord -n I get the following messages rather than a nice web interface to play with. 2012-04-12 23:48:09,024 CRIT Supervisor running as root (no user in config file) 2012-04-12 23:48:09,097 INFO RPC interface 'supervisor' initialized 2012-04-12 23:48:09,099 CRIT Server 'unix_http_server' running without any HTTP authentication checking 2012-04-12 23:48:09,100 INFO supervisord started with pid 17813 2012-04-12 23:48:10,126 INFO spawned: 'sentry-web' with pid 17816 2012-04-12 23:48:10,169 INFO exited: sentry-web (exit status 1; not expected) 2012-04-12 23:48:11,199 INFO spawned: 'sentry-web' with pid 17817 2012-04-12 23:48:11,238 INFO exited: sentry-web (exit status 1; not expected) 2012-04-12 23:48:13,269 INFO spawned: 'sentry-web' with pid 17818 2012-04-12 23:48:13,309 INFO exited: sentry-web (exit status 1; not expected) 2012-04-12 23:48:16,343 INFO spawned: 'sentry-web' with pid 17819 2012-04-12 23:48:16,389 INFO exited: sentry-web (exit status 1; not expected) 2012-04-12 23:48:17,394 INFO gave up: sentry-web entered FATAL state, too many start retries too quickly CRIT Supervisor running as root (no user in config file) suggests a big problem, probably shouldn't be running this as root? CRIT Server 'unix_http_server' running without any HTTP authentication checking Surely authentication is optional? INFO exited: sentry-web (exit status 1; not expected) *sad face* here. Google hasn't been much help yet. Anyway, that is it as far as I know. If anyone can help me that would be greatly appreciated. Thanks in advance.

Read the article
Can you authenticate into SSAS with AD LDS (ADAM) accounts?

- by Jaxidian

I'm very new to AD LDS and experienced but not qualified with SSAS, so my apologies for my ignorances with these. We have a couple implementations where we expose SSAS via an HTTPS proxy (msmdpump.dll) and currently we have a temporary domain setup handling this (where our end-users have a second account+creds to manage because of this = non-ideal). I want to move us towards a more permanent solution which I'm thinking of moving all authentication to AD LDS for our web apps, SSAS, and others. However, SSAS is where I'm concerned about this. I know SSAS requires Windows Authentication and to play nicely, and that this ultimately means Active Directory will be involved. Is there a way to get this done with AD LDS instead of having to use a full AD DS implementation? If so, how? (Note: My question over at StackOverflow had a suggestion that I post this question here on ServerFault instead. My apologies if I'm not asking in the right forum.)

Read the article
IIS 7.5 FTP IIS Manager Users Login Fail (530)

- by Jim

IIS 7.5 FTP IIS Manager Users Login Fail (530) I'm trying to set up a FTP site on IIS 7.5 that allows IIS Manager Users to login. I'm following this guide: http://learn.iis.net/page.aspx/321/configure-ftp-with-iis-7-manager-authentication/. After set up, I cannot login to the FTP using an IIS Manager User account. The client error I got was 530 User cannot log in. Win32 error: Unspecified error. Error details: An error occured during the authentication process. I tried both with or without a virtual host. A Windows account login fine. The only strange thing I noticed was that when setting up Read permission for Network Service, there was an access denied error when setting up permission for "%SystemDrive%\Windows\System32\inetsrv\config\schema". Any thoughts? Thanks!

Read the article
SBS2003 OWA not displaying images on external side

- by JasonC

I've got an SBS 2003 server with companyweb/remote owa site. After authenticating remotely to the https:/servername/remote site, and then clicking on Use Outlook Web Access, the mail/owa site displays only limited amounts of data with Loading... displayed (see first image). This is different when viewing the site on the server itself (see second image). Different browsers will display different types of data (last screenshot is Chrome - first two are IE). I feel IIS permissions on the virtual directories is the cause, but not certain. Forms-based authentication etc is working ok etc. Any suggestions? Authentication and getting email via ActiveSync is not a problem. I don't want to break anything, and it's not a major problem because the users only get their email via outlook and iphones anyway without problems. I'm more interested in finding out for my own info so please give me some suggestions to try. Thanks for looking!

Read the article
CgiModule and FastCgiModule in IIS7

- by Hari

My web server is IIS7 running on Windows 2008 Web edition. There are nearly 40 modules when checked pre-installed "Modules". It also having "CgiModule and FastCgiModules". All the websites installed on this server purely runs with ASP.NET technology. Can I remove these two modules to improve performance? Same way, my application uses "Forms Authentication" only. In such case can I delete "Windows Authentication and WindowsAuthenticationModule"?. Also please suggest if any other modules can be deleted to improve performance.

Read the article

Search Results

Search found 6090 results on 244 pages for 'digest authentication'.

Page 108/244 | < Previous Page | 104 105 106 107 108 109 110 111 112 113 114 115 | Next Page >

- by Churk

- by tomlog

- by Nasser

- by Muhammad Adeel Zahid

- by loganathan

- by Anthony

- by mtah

- by biozinc

- by 4dplane

- by user1960172

- by Dai

- by Calvin Froedge

- by xraminx

- by watkipet

- by Lucidity

- by rajeevrautela

- by Chris Adams

- by Bryan

- by user10826

- by assdasdasd

- by rockingskier

- by Jaxidian

- by Jim

- by JasonC

- by Hari

< Previous Page | 104 105 106 107 108 109 110 111 112 113 114 115 | Next Page >